Network-based attacks are a well known threat to personal computers and mobile devices. Its impact on mobile devices is especially significant as those tend to connect more frequently to Wi-Fi networks. Network attacks such as man-in-the-middle can expose sensitive end user information such as passwords and other personal data.
When a device is suspected as being under attack, one known solution is to disconnect the device from the network. Such an approach does protect sensitive information. However, it has a significant downside in impacting user productivity and disabling the ability to bypass the attack. In addition, some networks such as captive networks, exhibit suspicious behaviors that are resolved once the user authenticates to them. Disconnecting the user from these networks on first sight of a suspicious activity will make it impractical for the user to authenticate and use the networks as intended.
An additional approach could be to use a secure Virtual Private Network (VPN) channel from the device to protect the data transmitted from any man-in-the-middle in the local network. However, establishing a VPN channel requires some Internet connectivity and in the absence of such connectivity, no VPN channel can be created.